The Chief Operating Officer (COO) at an organization raises concerns that their virtual infrastructure environment is vulnerable. Recently, a security-related issue with a virtual machine caused all management services to become unavailable. No budget is available in the short term for additional platform investment. An architect is asked to review the current environment and make recommendations to mitigate concerns.
A virtualization administrator has provided the following details:
✑ There is a single four node cluster of ESXi servers
✑ There are two, Layer 2, physical network switches connecting resources
✑ The data center network is presented as a single /16 subnet
Given the information provided, which functional requirement should the architect include in the design to mitigate the COOs concerns?
D
An architect is tasked with designing a greenfield VMware software-defined data center (SDDC) solution that will be used to deliver a private cloud service for a customer.
During the initial meeting with the service owner and business sponsor, the customer has provided the following information to help inform the design:
✑ The solution must initially support the concurrent running of 300 production and 600 development virtual machines.
✑ The production environment should be delivered across two geographically dispersed data centers.
✑ The development environment must be vSphere-based but does not have to be deployed on-premises.
✑ The two data centers are connected to each other through multiple diversely routed, high bandwidth and low latency links.
✑ The customer's server hardware standard document states that all virtual infrastructure hosts must be based on blade architecture only.
✑ The service owner has said that is important to ensure that neither the availability target of 99.5% nor the resource capacity is affected when the operations team completes maintenance activities, such as the monthly software patching and ad-hoc hardware break/fix.
✑ All virtual machine backups must be completed using the existing backup service.
✑ The recovery time objective (RTO) for the service is four hours.
✑ The recovery point objective (RPO) of the service is 24 hours.
Given the information from the customer, which two would be classified as assumptions within the design? (Choose two.)
AC
In a meeting to discuss the minimum viable product (MVP) deployment of a new customer-facing application, the key stakeholder shares details of the application components and the application administrators share details of performance and integrity tests for the application.
The application will be made up of the following components:
A web server -
- Steps to confirm the web server is operating correctly will take 15 minutes after the application server is online.
✑ An application server
- Steps to confirm application server integrity will take 15 minutes after the database is online.
✑ A database server
- The database server will be managed by a database administrator, with an agreed service-level agreement (SLA) to restore and validate database services within one hour.
The existing VMware infrastructure offers a recovery point objective (RPO) of 5 minutes and recovery time objective (RTO) of 15 minutes through a combination of backups and replication.
In the event of an outage impacting all three application components, how long will it take for the application to recover and complete all checks?
A
During a requirements gathering workshop to design a physical to virtual migration, the customer provides the following information:
✑ There is no physical firewall in the data center with no anticipated plans for a future network refresh.
✑ Leveraging the virtual infrastructure to mitigate the lack of network security must be addressed in the design.
✑ All physical servers to be migrated exist on the same VLAN.
Which recommendation should the architect make to address the customer requirement with regard to virtual networking?
A.
✑ Split the virtual machines into several VLANs
✑ Use tag actions
B.
✑ Create port groups with different names and same VLAN IDs
✑ Enable traffic shaping for ingress and egress traffic
C.
✑ Enable traffic filtering and marking
✑ Use allow or drop actions
D.
Disable traffic filtering and marking
✑ Use tag actions
C
Reference:
https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.networking.doc/GUID-67CA4C18-4F18-4E23-A5C7-BC33112D4433.html
A customer has a database cluster with 40/60 read/write ratio and a high IOPs requirement with no contention on an all-flash vSAN cluster.
Which two storage settings should be configured for best performance? (Choose two.)
BC
Reference:
https://core.vmware.com/resource/troubleshooting-vsan-performance
There is a request for approved virtual machine applications through a new vSphere platform's integrated automation portal. The platform was built following all provided company security guidelines and has been assessed against Sarbanes-Oxley Act of 2002 (SOX) regulations.
The platform has the following characteristics:
✑ vRealize Operations is being used to monitor all clusters.
✑ There is a dedicated ESXi cluster, supporting all management services.
- All network traffic is via distributed virtual switches (DVS).
✑ There is a dedicated ESXi cluster for all line-of-business applications.
- Network traffic is serviced by NSX-T.
✑ There is a dedicated ESXi cluster for virtual desktop infrastructure (VDI).
- Network traffic is serviced by NSX-T.
The application owner is requesting approval to install a new service that must be protected as per the Payment Card Industry (PCI) Data Security Standard.
Which additional non-functional requirement should the architect include in the design to support the new service?
C
An architect is tasked with recommending a solution for a company that is running out of VLANs. Currently the company is running two separate data centers based on vSphere including an Enterprise Plus license. In the first data center, the problem was solved by using VMware NSX and overlay network. In the second data center, there is currently no VMware NSX implementation in place and no budget for additional licenses.
What should the architect recommend as a potential solution to provide support for additional VLANs?
A
A customer requests a review of its current vSphere platform design.
The following information is noted:
✑ There are three different workload profiles for the virtual machines:
- Tier-1 virtual machines operate resource-intensive applications and require dedicated allocations for CPU and RAM.
- Tier-2 virtual machines operate internet-facing applications and require access to externally facing networks.
- Tier-3 virtual machines operate platform management tools such as vCenter Server and have different lifecycle management requirements.
✑ Tier-1, Tier-2 and Tier-3 virtual machines are all hosted on a single large vSphere cluster.
✑ The Chief Information Security Officer (CISO) has raised concerns that hosting externally facing applications alongside management tools does not meet internal compliance standards.
✑ The Operations team has raised concerns about Tier-1 virtual machines negatively impacting the performance of vCenter Server.
✑ The Operations lead has stated that management changes have consistently been rejected by application teams.
As a result of the review, which recommendation should the architect make regarding the design of this platform?
D
A customer provides the following list of requirements for their vSphere platform:
✑ REQ01 The solution should utilize dual network connections to eliminate single points of failure.
✑ REQ02 The solution should allow logs to be retained for a period of 30 days.
✑ REQ03 All user access to the platform should be recorded for audit purposes.
✑ REQ04 The solution should allow the management of multiple ESXi hosts.
✑ REQ05 The solution should allow users to view the remote console of virtual machines.
Which two of the listed requirements would be classified as non-functional requirements? (Choose two.)
BE
During a requirements gathering workshop, the customer provides the following requirement that is pertinent to the design of a new vSphere environment:
✑ The Maximum Tolerable Downtime (MTD) for all Tier 1 applications is one hour.
Which requirement classification is being gathered for the design documentation?
C
